On Apr 8, 2014 12:33 AM, "Charles Plessy" <firstname.lastname@example.org> wrote:
> http://http.debian.net/ is a mirror of the Debian archive. The wheezy-updates
> distribution is there to together with wheezy, wheezy-backports, jessie, sid,
> etc. It contains the packages that will be part of the next point update. This
> inlcudes security updates, but not immediately after their release.
That description is for wheezy-proposed-updates, not wheezy-updates. See the link in my reply to Anders to understand what this is; it's the successor to the old volatile archive, for fast-moving things like spamassassin rules and clamav signatures.
wheezy-updates might be worth including, as you did, but not wheezy-proposed-updates.
Ideally we'd make a conscious decision about such things instead of being ad-hoc, but I don't oppose this one. We should probably come up with a proposal for image standards so we have an agreed-upon guide for such decisions.
> http:/security.debian.org/ is not a section of the Debian archive, it is an
> archive on its own. If I remember correctly, the rationale for using a
> separate archive is that for a quick diffusion of security updates, it was
> better to avoid the lag caused by the mirroring of the regular archive. For
> wheezy, the distribution to pick is wheezy/updates.
This part is correct.